MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
2008-09-18T15:04:27.407
2025-04-09T00:30:58.490
Deferred
CVSSv2: 4.6 (MEDIUM)
AV:N/AC:H/Au:S/C:P/I:P/A:P
3.9
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | canonical | ubuntu_linux | 6.06 | Yes |
| Operating System | canonical | ubuntu_linux | 7.10 | Yes |
| Operating System | canonical | ubuntu_linux | 8.04 | Yes |
| Operating System | canonical | ubuntu_linux | 8.10 | Yes |
| Operating System | canonical | ubuntu_linux | 9.04 | Yes |
| Operating System | canonical | ubuntu_linux | 9.10 | Yes |
| Operating System | debian | debian_linux | 5.0 | Yes |
| Application | mysql | mysql | 5.0.0 | Yes |
| Application | mysql | mysql | 5.0.1 | Yes |
| Application | mysql | mysql | 5.0.2 | Yes |
| Application | mysql | mysql | 5.0.3 | Yes |
| Application | mysql | mysql | 5.0.4 | Yes |
| Application | mysql | mysql | 5.0.5 | Yes |
| Application | mysql | mysql | 5.0.10 | Yes |
| Application | mysql | mysql | 5.0.15 | Yes |
| Application | mysql | mysql | 5.0.16 | Yes |
| Application | mysql | mysql | 5.0.17 | Yes |
| Application | mysql | mysql | 5.0.20 | Yes |
| Application | mysql | mysql | 5.0.24 | Yes |
| Application | mysql | mysql | 5.0.30 | Yes |
| Application | mysql | mysql | 5.0.36 | Yes |
| Application | mysql | mysql | 5.0.44 | Yes |
| Application | mysql | mysql | 5.0.54 | Yes |
| Application | mysql | mysql | 5.0.56 | Yes |
| Application | mysql | mysql | 5.0.60 | Yes |
| Application | mysql | mysql | 5.0.66 | Yes |
| Application | oracle | mysql | 5.0.23 | Yes |
| Application | oracle | mysql | 5.0.25 | Yes |
| Application | oracle | mysql | 5.0.26 | Yes |
| Application | oracle | mysql | 5.0.28 | Yes |
| Application | oracle | mysql | 5.0.30 | Yes |
| Application | oracle | mysql | 5.0.32 | Yes |
| Application | oracle | mysql | 5.0.34 | Yes |
| Application | oracle | mysql | 5.0.36 | Yes |
| Application | oracle | mysql | 5.0.38 | Yes |
| Application | oracle | mysql | 5.0.40 | Yes |
| Application | oracle | mysql | 5.0.41 | Yes |
| Application | oracle | mysql | 5.0.42 | Yes |
| Application | oracle | mysql | 5.0.44 | Yes |
| Application | oracle | mysql | 5.0.45 | Yes |
| Application | oracle | mysql | 5.0.46 | Yes |
| Application | oracle | mysql | 5.0.48 | Yes |
| Application | oracle | mysql | 5.0.50 | Yes |
| Application | oracle | mysql | 5.0.50 | Yes |
| Application | oracle | mysql | 5.0.51 | Yes |
| Application | oracle | mysql | 5.0.52 | Yes |
| Application | oracle | mysql | 5.0.56 | Yes |
| Application | oracle | mysql | 5.0.58 | Yes |
| Application | oracle | mysql | 5.0.60 | Yes |
| Application | oracle | mysql | 5.0.62 | Yes |
| Application | oracle | mysql | 5.0.64 | Yes |
| Application | oracle | mysql | 5.0.66 | Yes |